The Acceptable Use Policy governs the conduct of faculty, staff and students in the use of information technology resources. All end users of WVSOM Information Technology Resources are required to review the policy, watch the video in Moodle, sign an acknowledgment form and take the Moodle exam.
Due to the risks associated with local administrative authority, faculty/staff are provisioned its use by a formal request and approval process which identifies specific need. The request form should be initiated via the DocuSign PowerForm that is located at the bottom of the Local Administrator Authority Tutorial webpage linked below. Your request will flow through the review and approval process automatically. Once final approval has been granted via DocuSign by the Chief Technology Officer, a follow-up training session will be administered by Server Team staff.
Please use this Incident Reporting Form for any event that could potentially cause a security or privacy violation as part of WVSOM’s Information Security Plan and institutional policies.
The key to protection of IT resources is the proper utilization of usernames, accounts, and passwords. When creating passwords the following rules should be applied:
WVSOM uses the Microsoft Self Service Password Reset tool to allow users to reset their passwords on their own without contacting the Help Desk. The IT staff has compiled instructions on how to register and use the Microsoft SSPR tool.
Information technology resources are protected thru the appropriate operating system updates and insuring that computer systems have anti-virus protection software installed. For Faculty and Staff, the IT Department utilizes the WSUS (Windows Server Update Service) to deploy patches and updates to client machines. Users should always select to “Install updates and shut down” to automatically update their system when shutting down their systems. The IT Department uses Microsoft’s Advanced Threat Protection to guard against viruses. Laptops provided to students are automatically installed with Windows Defender. Students should also insure that Microsoft updates are applied to their laptops.
Users should also guard against Spyware, Adware, and Malware when using information technology resources. Spyware is a stealth program that covertly collects information about a user and their system, subsequently sending it over the internet. Adware promotes unsolicited advertisements in pop-ups to users and can operate as spyware. Malware is malicious software that can be disguised as Adware or operate as Spyware that is intentionally trying to damage or disrupt a user’s system. In addition to using software to guard against such attacks (MalwareBytes), user should follow these general guidelines:
All WVSOM faculty and staff are required to take an annual refresher course for technology and cyber security awareness within the Moodle learning management system, including topics related to the Gramm Leach Bliley Act, FERPA, HIPAA, and PCI compliance.
The IT Department performs internal risk assessments and engages with outside vendors for risk assessments including mock phishing scenarios. Users are encouraged to report phishing attempts to the firstname.lastname@example.org and visit the Phishbowl page for more information.